Latest WhatsApp Scam Infects Users with Banking Malware

Hackers have started a new campaign in which they have chosen WhatsApp as the primary malware-distributing platform. In this campaign, hackers are distributing the malware through 2 files namely “NDA-ranked-8th-toughest-College-in-the-world-to-get-into.xls” and “NIA-selection-order-.xls” respectively. These files are being circulated via WhatsApp in the form of authentic word files obtaining sensitive information from users which include online banking credentials, PIN codes and similar details.

According toIBTimes,Android users inIndiaare the key targets of this new WhatsApp scam. However, there isn’t any particular operating system that is being cited as the most affected one. It is worth noting that these sorts of malware campaigns are usually designed to work on Google’s operating system instead of the iOS.

The reason why Indian android OS users are frequently being targeted by hackers in such campaigns is that Indian market is very popular for low-cost,cheap Android smartphonesthat run on older versions of the android OS.

Hackers are attacking two key organizations in India to compel users to click on the word documents attached in the malicious WhatsApp message. This message has names of two major organizations of India namely National Defense Academy/NDA and National Investigation Academy/NIA. These files are in Excel format mainly but versions of these files in Word and PDF formats have also been identified.

Authorities in India have already issued security alerts to the concerned authorities since it is being speculated that this new campaign attacks law enforcement authorities and military personnel in the majority. “It has been analyzed that the men and women in defense, paramilitary and police forces could be the target groups,” believe security officials in India.

According to theEconomic Times, the NIA and NDA are very popular organizations in India as well as abroad; there is a high level of curiosity about the way these organizations function among masses, which is why people are so interested in opening the infected attachments on WhatsApp. At the moment it isn’t clear what else this malware performs when the files are opened and if WhatsApp has taken any action in this regard to prevent users from getting affected.

This is not the first time when Indian defense sector has come under sophisticated online scam. Last year, TrendMirco, an IT security firmexposed Pakistan linked hackerstargeting military officials through a spear-phishing mechanism. Before that, Google even removed an Android app “SmeshApp” after receiving an official complaint from the government of India that Pakistani hackers have been spying on Indian military through that app.

That’s not all, the Indian government also blamed Pakistan for using malware infected gaming and music apps to spy on the smartphones of military officials. However, in the latest scam, India has not officially blamed Pakistan or any other country.

If you want to prevent the threat then you must never click on unknown links regardless if these have been received through authentic platforms such as WhatsApp. Remember, today, it is the Indian users being infected and tomorrow it can be you. So be careful and never download apps from a third-party store.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in Milan, Italy.